Package: Invicti AppSec Core (on-demand), Invicti AppSec Enterprise (on-premise, on-demand)
Configure feature branch management
This document explains how to configure feature branch management for your projects in Invicti AppSec. Feature branch management controls how vulnerabilities and SBOM components discovered in feature branch scans are retained and compared against a source branch.
How it works
Vulnerabilities and SBOM components discovered in scans where the environment is set to Feature are automatically deleted after the retention period. Invicti AppSec checks the last scan date of the relevant feature branch to determine if the vulnerabilities discovered in that branch should be deleted.
Project-level feature branch management settings override global settings configured under Automation > Setup > Global Settings.
Source branch comparison
The source branch defines the reference branch against which vulnerabilities discovered in feature branches are compared. Setting the source branch at the project level overrides the global source branch.
For example, if the source branch is set to develop, all vulnerabilities discovered in feature environments are compared against vulnerabilities discovered in the develop branch. All actions taken on vulnerabilities in the source branch (such as issue assignment, screenshots, false positive, or risk accepted markings) are reflected on the matching vulnerabilities in feature branches. This prevents double triage or remediation efforts.
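The sketch below models the retention and source branch behavior described above, so you can check which feature branches would lose their data before you change a retention period. It is an added example, not Invicti AppSec code or its API. The names `BranchSettings`, `effective_settings`, `branches_due_for_deletion` and `inherit_triage` are hypothetical, and so are three assumptions: the project settings replace the global ones as a whole, data is deleted once the age strictly exceeds the period, and findings are matched on a fingerprint string.

```python
from dataclasses import dataclass
from datetime import date
from typing import Dict, List, Optional


@dataclass(frozen=True)
class BranchSettings:
    infinite_retention: bool
    retention_days: int
    source_branch: str


def effective_settings(global_s: BranchSettings,
                       project_s: Optional[BranchSettings]) -> BranchSettings:
    # Project-level settings, when configured, override the global ones.
    return project_s if project_s is not None else global_s


def branches_due_for_deletion(last_scan: Dict[str, date], s: BranchSettings,
                              today: date) -> List[str]:
    # Age is measured from the branch's last scan date, not from when a
    # finding was first seen. Assumption: data is deleted once the age
    # strictly exceeds the retention period.
    if s.infinite_retention:
        return []
    return sorted(b for b, d in last_scan.items()
                  if (today - d).days > s.retention_days)


def inherit_triage(source: Dict[str, str], feature: Dict[str, str]) -> Dict[str, str]:
    # Assumption: findings are matched on a stable fingerprint string.
    # A matching source-branch finding's triage state wins; others keep theirs.
    return {fp: source.get(fp, state) for fp, state in feature.items()}


# Constructed sample data (not from any real project).
GLOBAL = BranchSettings(False, 30, "main")
PROJECT = BranchSettings(False, 14, "develop")
TODAY = date(2024, 6, 30)
LAST_SCAN = {
    "feature/login": date(2024, 6, 25),    # 5 days old
    "feature/export": date(2024, 6, 16),   # 14 days old, on the boundary
    "feature/legacy": date(2024, 6, 10),   # 20 days old
}
DEVELOP = {"sqli:/search:q": "false positive", "xss:/profile:name": "risk accepted"}
FEATURE = {"sqli:/search:q": "open", "ssrf:/fetch:url": "open"}

if __name__ == "__main__":
    s = effective_settings(GLOBAL, PROJECT)
    print("source branch:", s.source_branch)
    print("due for deletion:", branches_due_for_deletion(LAST_SCAN, s, TODAY))
    print("triage after comparison:", inherit_triage(DEVELOP, FEATURE))
```

With the constructed data, the 14-day project setting removes data for a branch that the 30-day global setting would still keep, and the finding already marked in `develop` does not need to be triaged again in the feature branch.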
Steps to configure feature branch management
To configure feature branch management for your project:
- Select Inventory > Projects from the left side menu.
- Click the project name to open the project dashboard.
- Select the Settings tab > Feature branch management.
- Configure the following options:
  - Infinite retention: enable this toggle to retain feature branch vulnerabilities and SBOM components indefinitely. When enabled, the retention period field is disabled.
  - Retention period (days): specify the number of days after which vulnerabilities and SBOM components from feature branch scans are automatically deleted.
  - Source branch: select the branch against which feature branch vulnerabilities are compared.
- Click Save at the bottom of the page to apply your configuration.
Need help?
The Invicti Support team is ready to provide you with technical help. Go to the Help Center.